Operator: cannot patch resource "events" in API group "" #2709

@paraddise

🐞 Bug report

Describe the bug

When the auto-discovery service has an error, it adds a message to pod events.

Steps To Reproduce

Just deploy secureCodeBox 4.9.0 to Kubernetes 1.30, annotate the namespace and deploy an example nginx pod.

Expected behavior

No error messages.

System

  • secureCodeBox: 4.9.0
  • Kubernetes Version: 1.30

Screenshots / Logs

E1008 13:55:26.062201       1 event.go:359] "Server rejected event (will not retry!)" err="events \"nginx-test-scan-1.17fc7d8e0ba1ae1e\" is forbidden: User \"system:serviceaccount:infra-securecodebox:auto-discovery\" cannot patch resource \"events\" in API group \"\" in the namespace \"default\"" event="&Event{ObjectMeta:{nginx-test-scan-1.17fc7d8e0ba1ae1e  default    0 0001-01-01 00:00:00 +0000 UTC <nil> <nil> map[] map[] [] [] []},InvolvedObject:ObjectReference{Kind:Pod,Namespace:default,Name:nginx-test-scan-1,UID:b5ff0d41-ae0b-41e8-8ff5-220d795004bd,APIVersion:v1,ResourceVersion:1135486893,FieldPath:,},Reason:ScanTypeMissing,Message:Namespace requires ScanType 'trivy-image-autodiscovery' to properly start automatic scans.,Source:EventSource{Component:ContainerScanController,Host:,},FirstTimestamp:2024-10-08 13:33:26.037401118 +0000 UTC m=+21.893455883,LastTimestamp:2024-10-08 13:55:26.056755524 +0000 UTC m=+1341.912810189,Count:23,Type:Warning,EventTime:0001-01-01 00:00:00 +0000 UTC,Series:nil,Action:,Related:nil,ReportingController:ContainerScanController,ReportingInstance:,}"

Additional context

I added create and patch for the events resource; errors don't appear in the logs now, but I don't see them in pod events.
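
Added example (not part of the original issue and not secureCodeBox code): a small parser that turns API server "forbidden" messages, like the one logged above, into the RBAC rule the denied service account lacks, grouped per namespace. The first sample line is shortened from the log above, the second is constructed for illustration, and the function name `missing_rules` is hypothetical.

```python
import re
from collections import defaultdict

# klog escapes quotes as \" inside err="...", so every quote in the
# authorization-denial text may be preceded by a backslash.
Q = r'\\?"'
FORBIDDEN = re.compile(
    rf'User {Q}(?P<user>[^"\\]+){Q} cannot (?P<verb>\w+) '
    rf'resource {Q}(?P<resource>[^"\\]+){Q} in API group {Q}(?P<group>[^"\\]*){Q}'
    rf'(?: in the namespace {Q}(?P<ns>[^"\\]+){Q})?'
)

SAMPLE_LOG = [
    # Shortened from the log line in the issue (event= payload dropped).
    r'E1008 13:55:26.062201 1 event.go:359] "Server rejected event (will not retry!)" '
    r'err="events \"nginx-test-scan-1.17fc7d8e0ba1ae1e\" is forbidden: User '
    r'\"system:serviceaccount:infra-securecodebox:auto-discovery\" cannot patch '
    r'resource \"events\" in API group \"\" in the namespace \"default\""',
    # Constructed line: the same denial for the "create" verb, unescaped form.
    'events "nginx-test-scan-2.x" is forbidden: User '
    '"system:serviceaccount:infra-securecodebox:auto-discovery" cannot create '
    'resource "events" in API group "" in the namespace "default"',
]

def missing_rules(lines):
    """Collect denied verbs per (subject, namespace, apiGroup, resource)."""
    denied = defaultdict(set)
    for line in lines:
        for m in FORBIDDEN.finditer(line):
            # No namespace clause means a cluster-scoped request.
            key = (m["user"], m["ns"] or "", m["group"], m["resource"])
            denied[key].add(m["verb"])
    return [
        {"subject": user, "namespace": ns,
         "rule": {"apiGroups": [group], "resources": [res], "verbs": sorted(verbs)}}
        for (user, ns, group, res), verbs in sorted(denied.items())
    ]

if __name__ == "__main__":
    for entry in missing_rules(SAMPLE_LOG):
        print(entry)
```

The reported namespace is where the scanned pod lives ("default"), not the service account's own namespace, so the rule has to be bound in every namespace the auto-discovery watches.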

Projects

Status

Done
